Weekly Vulnerabilities Reports > December 7 to 13, 2020
Overview
360 new vulnerabilities reported during this period, including 65 critical vulnerabilities and 119 high severity vulnerabilities. This weekly summary report vulnerabilities in 368 products from 124 vendors including Apple, Debian, Mozilla, Fedoraproject, and Imagemagick. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Out-of-bounds Write", "Use After Free", and "Missing Authorization".
- 236 reported vulnerabilities are remotely exploitables.
- 12 reported vulnerabilities have public exploit available.
- 71 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 260 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 63 reported vulnerabilities.
- Docker has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
65 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-09 | CVE-2020-26829 | SAP | Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. | 10.0 |
2020-12-11 | CVE-2020-27134 | Cisco | Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
2020-12-11 | CVE-2020-27133 | Cisco | Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
2020-12-11 | CVE-2020-27132 | Cisco | Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
2020-12-11 | CVE-2020-27127 | Cisco | Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |
2020-12-12 | CVE-2020-29563 | Westerndigital | Improper Authentication vulnerability in Westerndigital MY Cloud OS 5 An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. | 9.8 |
2020-12-11 | CVE-2020-25112 | Contiki OS | Out-of-bounds Write vulnerability in Contiki-Os 3.0 An issue was discovered in the IPv6 stack in Contiki through 3.0. | 9.8 |
2020-12-11 | CVE-2020-25111 | Contiki OS | Out-of-bounds Write vulnerability in Contiki-Os 3.0 An issue was discovered in the IPv6 stack in Contiki through 3.0. | 9.8 |
2020-12-11 | CVE-2020-25110 | Ethernut | Out-of-bounds Read vulnerability in Ethernut Nut/Os 4.10/5.1 An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. | 9.8 |
2020-12-11 | CVE-2020-25109 | Ethernut | Out-of-bounds Read vulnerability in Ethernut Nut/Os 4.10/5.1 An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. | 9.8 |
2020-12-11 | CVE-2020-25108 | Ethernut | Out-of-bounds Write vulnerability in Ethernut Nut/Os 4.10/5.1 An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. | 9.8 |
2020-12-11 | CVE-2020-25107 | Ethernut | Out-of-bounds Read vulnerability in Ethernut Nut/Os 4.10/5.1 An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. | 9.8 |
2020-12-11 | CVE-2020-24338 | Altran | Out-of-bounds Write vulnerability in Altran Picotcp An issue was discovered in picoTCP through 1.7.0. | 9.8 |
2020-12-11 | CVE-2020-24336 | Contiki OS Contiki NG | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. | 9.8 |
2020-12-11 | CVE-2020-17438 | UIP Project | Out-of-bounds Write vulnerability in UIP Project UIP 1.0 An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. | 9.8 |
2020-12-11 | CVE-2020-27730 | F5 Netapp | Path Traversal vulnerability in multiple products In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. | 9.8 |
2020-12-11 | CVE-2020-19165 | Phpshe | SQL Injection vulnerability in PHPshe 1.7 PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter. | 9.8 |
2020-12-11 | CVE-2020-29574 | Sophos | SQL Injection vulnerability in Sophos Cyberoamos An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. | 9.8 |
2020-12-11 | CVE-2020-15357 | Askey | OS Command Injection vulnerability in Askey Ap5100W Firmware 1.01.097 Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options. | 9.8 |
2020-12-11 | CVE-2020-29591 | Docker | Weak Password Requirements vulnerability in Docker Registry Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. | 9.8 |
2020-12-11 | CVE-2020-7788 | INI Project Debian | This affects the package ini before 1.3.6. | 9.8 |
2020-12-11 | CVE-2020-13556 | Opener Project | Out-of-bounds Write vulnerability in Opener Project Opener 2.3 An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. | 9.8 |
2020-12-11 | CVE-2020-24634 | Arubanetworks | Command Injection vulnerability in Arubanetworks Arubaos An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | 9.8 |
2020-12-11 | CVE-2020-24633 | Arubanetworks | Classic Buffer Overflow vulnerability in Arubanetworks Arubaos There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | 9.8 |
2020-12-11 | CVE-2020-17530 | Apache Oracle | Expression Language Injection vulnerability in multiple products Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 9.8 |
2020-12-11 | CVE-2020-7540 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests. | 9.8 |
2020-12-11 | CVE-2020-28215 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently. | 9.8 |
2020-12-10 | CVE-2020-29311 | Ubilling | Missing Authentication for Critical Function vulnerability in Ubilling 1.0.9 Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software. | 9.8 |
2020-12-10 | CVE-2020-26201 | Askey | Weak Password Requirements vulnerability in Askey Ap5100W Firmware 1.01.097 Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. | 9.8 |
2020-12-10 | CVE-2020-19527 | Idreamsoft | OS Command Injection vulnerability in Idreamsoft Icms 7.0.14 iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php. | 9.8 |
2020-12-10 | CVE-2020-19142 | Idreamsoft | OS Command Injection vulnerability in Idreamsoft Icms 7.0.0 iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php. | 9.8 |
2020-12-10 | CVE-2020-29667 | Lanatmservice | Insufficient Session Expiration vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0 In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration. | 9.8 |
2020-12-10 | CVE-2019-7198 | Qnap | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 9.8 |
2020-12-09 | CVE-2020-29659 | Flexense | Classic Buffer Overflow vulnerability in Flexense Dupscout 10.0.18 A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | 9.8 |
2020-12-09 | CVE-2020-17529 | Apache | Out-of-bounds Write vulnerability in Apache Nuttx Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. | 9.8 |
2020-12-08 | CVE-2020-28274 | Deepref Project | Unspecified vulnerability in Deepref Project Deepref Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution. | 9.8 |
2020-12-08 | CVE-2020-29602 | Irssi | Unspecified vulnerability in Irssi Docker Image The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29601 | Docker | Unspecified vulnerability in Docker Notary Docker Image The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29581 | Docker | Unspecified vulnerability in Docker Spiped Alpine Docker Image The official spiped docker images before 1.5-alpine contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29580 | Docker | Unspecified vulnerability in Docker Storm Docker Image The official storm Docker images before 1.2.1 contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29579 | Express Gateway | Unspecified vulnerability in Express-Gateway Docker Image The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29577 | ZNC | Unspecified vulnerability in ZNC Docker Image The official znc docker images before 1.7.1-slim contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29576 | Eggheads | Unspecified vulnerability in Eggheads Eggdrop Docker Image The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29575 | Docker | Unspecified vulnerability in Docker Elixir Alpine Docker Image The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29564 | Hashicorp | Unspecified vulnerability in Hashicorp Consul Docker Image The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-29578 | Matomo | Unspecified vulnerability in Matomo Piwik Fpm-Alpine Docker Image The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
2020-12-08 | CVE-2020-25889 | Online BUS Booking System Project | SQL Injection vulnerability in Online BUS Booking System Project Online BUS Booking System 1.0 Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. | 9.8 |
2020-12-08 | CVE-2020-17531 | Apache | Unspecified vulnerability in Apache Tapestry A Java Serialization vulnerability was found in Apache Tapestry 4. | 9.8 |
2020-12-07 | CVE-2020-29600 | Awstats Debian Fedoraproject | Path Traversal vulnerability in multiple products In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. | 9.8 |
2020-12-07 | CVE-2020-29597 | Incomcms Project | Unrestricted Upload of File with Dangerous Type vulnerability in Incomcms Project Incomcms 2.0 IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. | 9.8 |
2020-12-07 | CVE-2020-29595 | Acdsee | Unspecified vulnerability in Acdsee Photo Studio 2021 14.0 PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa. | 9.8 |
2020-12-07 | CVE-2020-5800 | EAT Spray Love Project | Incorrect Resource Transfer Between Spheres vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20 The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to. | 9.8 |
2020-12-07 | CVE-2020-5799 | EAT Spray Love Project | Unspecified vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20 The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data. | 9.8 |
2020-12-11 | CVE-2020-5948 | F5 | Cross-site Scripting vulnerability in F5 products On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. | 9.6 |
2020-12-10 | CVE-2020-16608 | Notable | Cross-site Scripting vulnerability in Notable 1.8.4 Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true). | 9.6 |
2020-12-09 | CVE-2020-26831 | SAP | Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.1/4.2/4.3 SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An attacker with basic privileges can inject some arbitrary XML entities leading to internal file disclosure, internal directories disclosure, Server-Side Request Forgery (SSRF) and denial-of-service (DoS). | 9.6 |
2020-12-11 | CVE-2020-24383 | Butok | Out-of-bounds Read vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 9.1 |
2020-12-11 | CVE-2020-24341 | Altran | Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. | 9.1 |
2020-12-11 | CVE-2020-17467 | Butok | Out-of-bounds Read vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 9.1 |
2020-12-11 | CVE-2020-17441 | Altran Microchip | Out-of-bounds Read vulnerability in multiple products An issue was discovered in picoTCP 1.7.0. | 9.1 |
2020-12-09 | CVE-2020-26838 | SAP | OS Command Injection vulnerability in SAP Business Warehouse and Bw/4Hana SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. | 9.1 |
2020-12-09 | CVE-2020-26837 | SAP | Path Traversal vulnerability in SAP Solution Manager 7.20 SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable. | 9.1 |
2020-12-09 | CVE-2020-17528 | Apache | Out-of-bounds Write vulnerability in Apache Nuttx Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet. | 9.1 |
2020-12-09 | CVE-2020-29657 | Jerryscript | Out-of-bounds Read vulnerability in Jerryscript 2.3.0 In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file. | 9.1 |
2020-12-08 | CVE-2020-26255 | Getkirby | Unrestricted Upload of File with Dangerous Type vulnerability in Getkirby Kirby and Panel Kirby is a CMS. | 9.1 |
119 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-11 | CVE-2020-29254 | Tiki | Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 21.2 TikiWiki 21.2 allows templates to be edited without CSRF protection. | 8.8 |
2020-12-11 | CVE-2020-4633 | IBM | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | 8.8 |
2020-12-11 | CVE-2020-35135 | Infolific | Cross-Site Request Forgery (CSRF) vulnerability in Infolific Ultimate Category Excluder The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF. | 8.8 |
2020-12-11 | CVE-2020-9301 | Linuxfoundation | Deserialization of Untrusted Data vulnerability in Linuxfoundation Spinnaker Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. | 8.8 |
2020-12-10 | CVE-2020-25967 | Fastadmin | Injection vulnerability in Fastadmin 1.0.0.20200506 The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. | 8.8 |
2020-12-10 | CVE-2020-13526 | Processmaker | SQL Injection vulnerability in Processmaker 3.4.11 SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11. | 8.8 |
2020-12-09 | CVE-2020-25499 | Totolink | Missing Authorization vulnerability in Totolink products TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. | 8.8 |
2020-12-09 | CVE-2020-26970 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Thunderbird When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. | 8.8 |
2020-12-09 | CVE-2020-26969 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82. | 8.8 |
2020-12-09 | CVE-2020-26968 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. | 8.8 |
2020-12-09 | CVE-2020-26960 | Mozilla | Use After Free vulnerability in Mozilla Firefox If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. | 8.8 |
2020-12-09 | CVE-2020-26959 | Mozilla | Use After Free vulnerability in Mozilla Firefox During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. | 8.8 |
2020-12-09 | CVE-2020-26952 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. | 8.8 |
2020-12-09 | CVE-2020-26950 | Mozilla | Use After Free vulnerability in Mozilla Firefox ESR In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. | 8.8 |
2020-12-08 | CVE-2020-27906 | Apple | Integer Overflow or Wraparound vulnerability in Apple Macos Multiple integer overflows were addressed with improved input validation. | 8.8 |
2020-12-08 | CVE-2020-9950 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
2020-12-08 | CVE-2020-9947 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
2020-12-08 | CVE-2020-25629 | Moodle | Missing Authorization vulnerability in Moodle A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as" a System manager. | 8.8 |
2020-12-07 | CVE-2020-27151 | Katacontainers | Unspecified vulnerability in Katacontainers Kata Containers An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. | 8.8 |
2020-12-09 | CVE-2020-26249 | Cogboard | Cross-site Scripting vulnerability in Cogboard Red-Dashboard Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot. | 8.7 |
2020-12-11 | CVE-2020-7560 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert and Unity PRO A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software. | 8.6 |
2020-12-11 | CVE-2020-17439 | UIP Project | Improper Input Validation vulnerability in UIP Project UIP 1.0 An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. | 8.3 |
2020-12-11 | CVE-2020-24334 | UIP Project | Out-of-bounds Read vulnerability in UIP Project UIP The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c. | 8.2 |
2020-12-11 | CVE-2020-17437 | UIP Project Open Iscsi Project Siemens | Out-of-bounds Write vulnerability in multiple products An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. | 8.2 |
2020-12-09 | CVE-2020-26830 | SAP | Missing Authorization vulnerability in SAP Solution Manager 7.20 SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user. | 8.1 |
2020-12-09 | CVE-2020-26261 | Jupyterhub | Exposure of Resource to Wrong Sphere vulnerability in Jupyterhub Systemdspawner jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. | 7.9 |
2020-12-12 | CVE-2020-29654 | Westerndigital | Uncontrolled Search Path Element vulnerability in Westerndigital Dashboard Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account. | 7.8 |
2020-12-11 | CVE-2020-27786 | Linux Redhat Netapp | A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. | 7.8 |
2020-12-11 | CVE-2020-27828 | Jasper Project Fedoraproject | There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. | 7.8 |
2020-12-11 | CVE-2020-13520 | Pixar Apple | Out-of-bounds Write vulnerability in multiple products An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. | 7.8 |
2020-12-11 | CVE-2020-28219 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September 2020, from 83.7551.1 to 83.7578.1), that could cause exposure of credentials to server-side users when web users are logged in to Virtual ViewX. | 7.8 |
2020-12-10 | CVE-2020-4829 | IBM | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. | 7.8 |
2020-12-10 | CVE-2020-26267 | Out-of-bounds Read vulnerability in Google Tensorflow In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. | 7.8 | |
2020-12-09 | CVE-2020-10143 | Macrium | Improper Initialization vulnerability in Macrium Reflect Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. | 7.8 |
2020-12-09 | CVE-2020-16600 | Artifex | Use After Free vulnerability in Artifex Mupdf A Use After Free vulnerability exists in Artifex Software, Inc. | 7.8 |
2020-12-09 | CVE-2020-29661 | Linux Fedoraproject Debian Netapp Broadcom Oracle | Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 7.8 |
2020-12-09 | CVE-2020-25199 | WE CON | Out-of-bounds Write vulnerability in We-Con Levistudiou A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. | 7.8 |
2020-12-09 | CVE-2020-27614 | Anydesk | Improper Input Validation vulnerability in Anydesk AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation. | 7.8 |
2020-12-08 | CVE-2020-27918 | Apple Fedoraproject Debian Webkitgtk | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-27932 | Apple | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved state handling. | 7.8 |
2020-12-08 | CVE-2020-27930 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27927 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
2020-12-08 | CVE-2020-27926 | Apple | Use After Free vulnerability in Apple Iphone OS A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-27917 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-27916 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27912 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27911 | Apple | Integer Overflow or Wraparound vulnerability in Apple products An integer overflow was addressed through improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27910 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27909 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-27905 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 7.8 |
2020-12-08 | CVE-2020-27904 | Apple | Unspecified vulnerability in Apple Macos A logic issue existed resulting in memory corruption. | 7.8 |
2020-12-08 | CVE-2020-27903 | Apple | Unspecified vulnerability in Apple Macos 11.0 This issue was addressed by removing the vulnerable code. | 7.8 |
2020-12-08 | CVE-2020-10017 | Apple | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-9999 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 7.8 |
2020-12-08 | CVE-2020-9996 | Apple | Use After Free vulnerability in Apple Iphone OS A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-9981 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-9972 | Apple | Classic Buffer Overflow vulnerability in Apple products A buffer overflow issue was addressed with improved memory handling. | 7.8 |
2020-12-08 | CVE-2020-9966 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-9965 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 7.8 |
2020-12-08 | CVE-2020-9954 | Apple | Classic Buffer Overflow vulnerability in Apple products A buffer overflow issue was addressed with improved memory handling. | 7.8 |
2020-12-08 | CVE-2020-9949 | Apple | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 7.8 |
2020-12-08 | CVE-2020-10016 | Apple | Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved state management. | 7.8 |
2020-12-08 | CVE-2020-10013 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 7.8 |
2020-12-08 | CVE-2020-10011 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 7.8 |
2020-12-08 | CVE-2020-10010 | Apple | Path Traversal vulnerability in Apple products A path handling issue was addressed with improved validation. | 7.8 |
2020-12-08 | CVE-2020-10004 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 7.8 |
2020-12-08 | CVE-2020-10003 | Apple | Link Following vulnerability in Apple products An issue existed within the path validation logic for symlinks. | 7.8 |
2020-12-07 | CVE-2020-29599 | Imagemagick Debian | XML Injection (aka Blind XPath Injection) vulnerability in multiple products ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. | 7.8 |
2020-12-07 | CVE-2020-9247 | Huawei | Classic Buffer Overflow vulnerability in Huawei products There is a buffer overflow vulnerability in several Huawei products. | 7.8 |
2020-12-07 | CVE-2020-5798 | Druva | Improper Validation of Integrity Check Value vulnerability in Druva Insync 6.8.0 inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions. | 7.8 |
2020-12-08 | CVE-2020-26254 | Omniauth Apple Project | Authentication Bypass by Spoofing vulnerability in Omniauth-Apple Project Omniauth-Apple omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). | 7.7 |
2020-12-09 | CVE-2020-26832 | SAP | Missing Authorization vulnerability in SAP Netweaver Application Server Abap and S/4 Hana SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should be restricted, however due to missing authorization an attacker can get access to some sensitive internal information of vulnerable SAP system or to make vulnerable SAP systems completely unavailable. | 7.6 |
2020-12-11 | CVE-2020-24340 | Altran | Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-24339 | Altran | Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-24337 | Altran | Infinite Loop vulnerability in Altran Picotcp and Picotcp-Ng An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-17469 | Butok | Access of Uninitialized Pointer vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 7.5 |
2020-12-11 | CVE-2020-17468 | Butok | Out-of-bounds Read vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 7.5 |
2020-12-11 | CVE-2020-17445 | Altran | Out-of-bounds Read vulnerability in Altran Picotcp An issue was discovered in picoTCP 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-17444 | Altran | Infinite Loop vulnerability in Altran Picotcp An issue was discovered in picoTCP 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-17443 | Altran | Integer Overflow or Wraparound vulnerability in Altran Picotcp An issue was discovered in picoTCP 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-17442 | Altran | Integer Overflow or Wraparound vulnerability in Altran Picotcp An issue was discovered in picoTCP 1.7.0. | 7.5 |
2020-12-11 | CVE-2020-17440 | UIP Project | Unspecified vulnerability in UIP Project UIP 1.0 An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. | 7.5 |
2020-12-11 | CVE-2020-13988 | Contiki NG | Integer Overflow or Wraparound vulnerability in Contiki-Ng An issue was discovered in Contiki through 3.0. | 7.5 |
2020-12-11 | CVE-2020-13987 | UIP Project Open Iscsi Project Siemens | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Contiki through 3.0. | 7.5 |
2020-12-11 | CVE-2020-13986 | Contiki OS | Infinite Loop vulnerability in Contiki-Os Contiki An issue was discovered in Contiki through 3.0. | 7.5 |
2020-12-11 | CVE-2020-13985 | Contiki OS | Incorrect Conversion between Numeric Types vulnerability in Contiki-Os Contiki An issue was discovered in Contiki through 3.0. | 7.5 |
2020-12-11 | CVE-2020-13984 | Contiki OS | Infinite Loop vulnerability in Contiki-Os Contiki An issue was discovered in Contiki through 3.0. | 7.5 |
2020-12-11 | CVE-2020-5949 | F5 | Unspecified vulnerability in F5 products On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break. | 7.5 |
2020-12-11 | CVE-2020-27713 | F5 | Memory Leak vulnerability in F5 Big-Ip Advanced Firewall Manager 13.1.3.4 In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory. | 7.5 |
2020-12-11 | CVE-2020-7791 | I18N Project | Unspecified vulnerability in I18N Project I18N 2.1.1.0 This affects the package i18n before 2.1.15. | 7.5 |
2020-12-11 | CVE-2020-27508 | Frappe | Unspecified vulnerability in Frappe In two-factor authentication, the system also sending 2fa secret key in response, which enables an intruder to breach the 2fa security. | 7.5 |
2020-12-11 | CVE-2020-7793 | UA Parser JS Project Siemens | The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). | 7.5 |
2020-12-11 | CVE-2020-13530 | Opener Project | Operation on a Resource after Expiration or Release vulnerability in Opener Project Opener 2.3 A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. | 7.5 |
2020-12-11 | CVE-2020-25191 | NI | Incorrect Permission Assignment for Critical Resource vulnerability in NI Compactrio Firmware Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely. | 7.5 |
2020-12-11 | CVE-2020-7543 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. | 7.5 |
2020-12-11 | CVE-2020-7542 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. | 7.5 |
2020-12-11 | CVE-2020-7539 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP. | 7.5 |
2020-12-11 | CVE-2020-7537 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. | 7.5 |
2020-12-11 | CVE-2020-7536 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP. | 7.5 |
2020-12-11 | CVE-2020-7535 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP. | 7.5 |
2020-12-11 | CVE-2020-28217 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 7.5 |
2020-12-11 | CVE-2020-28216 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 7.5 |
2020-12-10 | CVE-2020-26269 | Out-of-bounds Read vulnerability in Google Tensorflow 2.4.0 In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories. | 7.5 | |
2020-12-10 | CVE-2020-12516 | Wago | Unspecified vulnerability in Wago products Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. | 7.5 |
2020-12-09 | CVE-2020-28086 | Zx2C4 | Improper Verification of Cryptographic Signature vulnerability in Zx2C4 Password-Store pass through 1.7.3 has a possibility of using a password for an unintended resource. | 7.5 |
2020-12-09 | CVE-2020-29656 | Asus | Forced Browsing vulnerability in Asus Rt-Ac88U Firmware 3.0.0.4.386.46061 An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. | 7.5 |
2020-12-09 | CVE-2020-29655 | Asus | Injection vulnerability in Asus Rt-Ac88U Firmware 3.0.0.4.386.46061 An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. | 7.5 |
2020-12-09 | CVE-2020-29651 | Pytest Fedoraproject Oracle | A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. | 7.5 |
2020-12-08 | CVE-2020-9991 | Apple | Unspecified vulnerability in Apple products This issue was addressed with improved checks. | 7.5 |
2020-12-08 | CVE-2020-28946 | Plummac | Missing Authentication for Critical Function vulnerability in Plummac Ik-401 Firmware An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data. | 7.5 |
2020-12-08 | CVE-2020-29540 | Systransoft | Unspecified vulnerability in Systransoft Pure Neural Server API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port. | 7.5 |
2020-12-08 | CVE-2020-25692 | Openldap Redhat Netapp | A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. | 7.5 |
2020-12-08 | CVE-2020-25630 | Moodle | Unspecified vulnerability in Moodle A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. | 7.5 |
2020-12-08 | CVE-2020-26233 | Microsoft | Unspecified vulnerability in Microsoft GIT Credential Manager Core Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. | 7.3 |
2020-12-11 | CVE-2020-24637 | Arubanetworks | Unspecified vulnerability in Arubanetworks Arubaos Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. | 7.2 |
2020-12-10 | CVE-2020-12594 | Broadcom | Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.5/10.7/9.5 A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. | 7.2 |
2020-12-09 | CVE-2020-23520 | Txjia | Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2 imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality. | 7.2 |
2020-12-07 | CVE-2020-26122 | Inspur | Improper Verification of Cryptographic Signature vulnerability in Inspur products Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. | 7.2 |
2020-12-08 | CVE-2020-27752 | Imagemagick | Unspecified vulnerability in Imagemagick A flaw was found in ImageMagick in MagickCore/quantum-private.h. | 7.1 |
158 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-11 | CVE-2020-12149 | Arubanetworks | OS Command Injection vulnerability in Arubanetworks Edgeconnect Enterprise The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. | 6.8 |
2020-12-11 | CVE-2020-12148 | Arubanetworks | OS Command Injection vulnerability in Arubanetworks Edgeconnect Enterprise A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. | 6.8 |
2020-12-11 | CVE-2020-28220 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M258 Firmware, Somachine and Somachine Motion A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified. | 6.8 |
2020-12-09 | CVE-2020-26964 | Mozilla | Unspecified vulnerability in Mozilla Firefox 80.0 If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. | 6.8 |
2020-12-11 | CVE-2020-15375 | Broadcom | Improper Input Validation vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. | 6.7 |
2020-12-09 | CVE-2020-7337 | Mcafee | Unspecified vulnerability in Mcafee Virusscan Enterprise Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks. | 6.7 |
2020-12-11 | CVE-2020-26264 | Ethereum | Resource Exhaustion vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 6.5 |
2020-12-11 | CVE-2020-26409 | Gitlab | Resource Exhaustion vulnerability in Gitlab A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields. | 6.5 |
2020-12-11 | CVE-2020-25838 | Microfocus | Unspecified vulnerability in Microfocus Filr Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. | 6.5 |
2020-12-11 | CVE-2020-28218 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action. | 6.5 |
2020-12-10 | CVE-2019-4738 | IBM | Cleartext Storage of Sensitive Information vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. | 6.5 |
2020-12-09 | CVE-2020-26257 | Matrix Fedoraproject | Resource Exhaustion vulnerability in multiple products Matrix is an ecosystem for open federated Instant Messaging and VoIP. | 6.5 |
2020-12-09 | CVE-2020-26826 | SAP | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Application Server Java 7.31/7.40/7.50 Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload. | 6.5 |
2020-12-09 | CVE-2020-26967 | Mozilla | Unspecified vulnerability in Mozilla Firefox When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. | 6.5 |
2020-12-09 | CVE-2020-26966 | Mozilla | Unspecified vulnerability in Mozilla Firefox Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. | 6.5 |
2020-12-09 | CVE-2020-26965 | Mozilla | Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. | 6.5 |
2020-12-09 | CVE-2020-26961 | Mozilla | Unspecified vulnerability in Mozilla Firefox When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. | 6.5 |
2020-12-09 | CVE-2020-26957 | Mozilla | Improper Initialization vulnerability in Mozilla Firefox 80.0 OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. | 6.5 |
2020-12-09 | CVE-2020-26955 | Mozilla | Reliance on Cookies without Validation and Integrity Checking vulnerability in Mozilla Firefox 80.0 When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes. | 6.5 |
2020-12-08 | CVE-2020-26256 | C2Fo | Resource Exhaustion vulnerability in C2Fo Fast-Csv Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. | 6.5 |
2020-12-08 | CVE-2020-9922 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 6.5 |
2020-12-08 | CVE-2020-9849 | Apple | Information Exposure vulnerability in Apple products An information disclosure issue was addressed with improved state management. | 6.5 |
2020-12-07 | CVE-2020-13945 | Apache | Unspecified vulnerability in Apache Apisix In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. | 6.5 |
2020-12-09 | CVE-2020-7776 | Phpoffice | Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet This affects the package phpoffice/phpspreadsheet from 0.0.0. | 6.4 |
2020-12-09 | CVE-2020-26828 | SAP | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1 SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. | 6.4 |
2020-12-09 | CVE-2020-26260 | Bookstackapp | Injection vulnerability in Bookstackapp Bookstack BookStack is a platform for storing and organising information and documentation. | 6.4 |
2020-12-10 | CVE-2020-7339 | Mcafee | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mcafee Database Security 4.6.6 Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors. | 6.3 |
2020-12-08 | CVE-2020-10014 | Apple | Path Traversal vulnerability in Apple mac OS X and Macos A parsing issue in the handling of directory paths was addressed with improved path validation. | 6.3 |
2020-12-12 | CVE-2020-35200 | Igniterealtime | Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0 Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS. | 6.1 |
2020-12-11 | CVE-2020-29455 | Smartystreets | Cross-site Scripting vulnerability in Smartystreets Liveaddressplugin.Js 3.2 A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or country). | 6.1 |
2020-12-11 | CVE-2020-17515 | Apache | Cross-site Scripting vulnerability in Apache Airflow The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. | 6.1 |
2020-12-10 | CVE-2020-2498 | Qnap | Cross-site Scripting vulnerability in Qnap QTS and Quts Hero If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. | 6.1 |
2020-12-10 | CVE-2020-2497 | Qnap | Cross-site Scripting vulnerability in Qnap QTS and Quts Hero If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. | 6.1 |
2020-12-10 | CVE-2020-2496 | Qnap | Cross-site Scripting vulnerability in Qnap QTS and Quts Hero If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. | 6.1 |
2020-12-10 | CVE-2020-2495 | Qnap | Cross-site Scripting vulnerability in Qnap QTS and Quts Hero If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. | 6.1 |
2020-12-10 | CVE-2020-2494 | Qnap | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. | 6.1 |
2020-12-10 | CVE-2020-2493 | Qnap | Cross-site Scripting vulnerability in Qnap Multimedia Console This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code. | 6.1 |
2020-12-10 | CVE-2020-2491 | Qnap | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 6.1 |
2020-12-09 | CVE-2020-29258 | Online Examination System Project | Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0 Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php. | 6.1 |
2020-12-09 | CVE-2020-29257 | Online Examination System Project | Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0 Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php. | 6.1 |
2020-12-09 | CVE-2020-26836 | SAP | Open Redirect vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the application URL and share it with the end user who could potentially become a victim of the attack. | 6.1 |
2020-12-09 | CVE-2020-26835 | SAP | Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL which allows an attacker to input malicious java script in the URL which could be executed in the browser resulting in Reflected Cross-Site Scripting (XSS) vulnerability. | 6.1 |
2020-12-09 | CVE-2020-26962 | Mozilla | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. | 6.1 |
2020-12-09 | CVE-2020-26958 | Mozilla | Cross-site Scripting vulnerability in Mozilla Firefox Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. | 6.1 |
2020-12-09 | CVE-2020-26956 | Mozilla | Cross-site Scripting vulnerability in Mozilla Firefox In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. | 6.1 |
2020-12-09 | CVE-2020-26951 | Mozilla | Cross-site Scripting vulnerability in Mozilla Firefox A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. | 6.1 |
2020-12-09 | CVE-2020-25627 | Moodle | Unspecified vulnerability in Moodle 3.9.0/3.9.1 The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. | 6.1 |
2020-12-08 | CVE-2020-25664 | Imagemagick Fedoraproject | In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. | 6.1 |
2020-12-08 | CVE-2020-14206 | Divebook Project | Cross-site Scripting vulnerability in Divebook Project Divebook 1.1.4 The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function (via an arbitrary parameter). | 6.1 |
2020-12-08 | CVE-2020-10012 | Apple | Cross-site Scripting vulnerability in Apple mac OS X and Macos An access issue was addressed with improved access restrictions. | 6.1 |
2020-12-08 | CVE-2020-25631 | Moodle | Unspecified vulnerability in Moodle A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" page. | 6.1 |
2020-12-08 | CVE-2020-25628 | Moodle | Unspecified vulnerability in Moodle The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. | 6.1 |
2020-12-07 | CVE-2020-28727 | Seeddms | Cross-site Scripting vulnerability in Seeddms 6.0.13 Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. | 6.1 |
2020-12-08 | CVE-2020-27821 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. | 6.0 |
2020-12-11 | CVE-2020-15023 | Askey | Use of Insufficiently Random Values vulnerability in Askey Ap5100W Firmware 1.01.097 Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. | 5.9 |
2020-12-08 | CVE-2020-1971 | Openssl Debian Fedoraproject Oracle Netapp Tenable Siemens Nodejs | NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. | 5.9 |
2020-12-08 | CVE-2020-26253 | Getkirby | Origin Validation Error vulnerability in Getkirby Kirby Kirby is a CMS. | 5.9 |
2020-12-08 | CVE-2020-27822 | Redhat | Unspecified vulnerability in Redhat Wildfly A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. | 5.9 |
2020-12-12 | CVE-2020-35208 | Logmein | Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403 An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. | 5.7 |
2020-12-12 | CVE-2020-35207 | Logmein | Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403 An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. | 5.7 |
2020-12-11 | CVE-2020-27825 | Linux Redhat Debian Netapp | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). | 5.7 |
2020-12-10 | CVE-2020-27350 | Debian Netapp | Integer Overflow or Wraparound vulnerability in multiple products APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. | 5.7 |
2020-12-11 | CVE-2020-7789 | Node Notifier Project | OS Command Injection vulnerability in Node-Notifier Project Node-Notifier This affects the package node-notifier before 9.0.0. | 5.6 |
2020-12-11 | CVE-2020-28214 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide. | 5.5 |
2020-12-09 | CVE-2020-16599 | GNU Netapp | NULL Pointer Dereference vulnerability in multiple products A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | 5.5 |
2020-12-09 | CVE-2020-16593 | GNU Netapp | NULL Pointer Dereference vulnerability in multiple products A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | 5.5 |
2020-12-09 | CVE-2020-16592 | GNU Netapp Fedoraproject | Use After Free vulnerability in multiple products A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | 5.5 |
2020-12-09 | CVE-2020-16591 | GNU Netapp | Out-of-bounds Read vulnerability in multiple products A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. | 5.5 |
2020-12-09 | CVE-2020-16590 | GNU Netapp | Double Free vulnerability in multiple products A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. | 5.5 |
2020-12-09 | CVE-2020-16589 | Openexr Debian | Out-of-bounds Write vulnerability in multiple products A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-16588 | Openexr Debian | NULL Pointer Dereference vulnerability in multiple products A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-16587 | Openexr Debian | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file. | 5.5 |
2020-12-09 | CVE-2020-27349 | Canonical | Missing Authorization vulnerability in Canonical Ubuntu Linux Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. | 5.5 |
2020-12-08 | CVE-2020-27896 | Apple | Path Traversal vulnerability in Apple mac OS X and Macos A path handling issue was addressed with improved validation. | 5.5 |
2020-12-08 | CVE-2020-27756 | Imagemagick | Unspecified vulnerability in Imagemagick In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. | 5.5 |
2020-12-08 | CVE-2020-27753 | Imagemagick | Unspecified vulnerability in Imagemagick There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. | 5.5 |
2020-12-08 | CVE-2020-27750 | Imagemagick Debian | A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. | 5.5 |
2020-12-08 | CVE-2020-25676 | Imagemagick Debian | In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. | 5.5 |
2020-12-08 | CVE-2020-25674 | Imagemagick Debian | WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. | 5.5 |
2020-12-08 | CVE-2020-27950 | Apple | Improper Initialization vulnerability in Apple products A memory initialization issue was addressed. | 5.5 |
2020-12-08 | CVE-2020-27929 | Apple | Unspecified vulnerability in Apple Iphone OS A logic issue existed in the handling of Group FaceTime calls. | 5.5 |
2020-12-08 | CVE-2020-27925 | Apple | Unspecified vulnerability in Apple Iphone OS An issue existed in the handling of incoming calls. | 5.5 |
2020-12-08 | CVE-2020-27900 | Apple | Unspecified vulnerability in Apple Macos An issue existed in the handling of snapshots. | 5.5 |
2020-12-08 | CVE-2020-27898 | Apple | Unchecked Return Value vulnerability in Apple Macos A denial of service issue was addressed with improved state handling. | 5.5 |
2020-12-08 | CVE-2020-25667 | Imagemagick | Unspecified vulnerability in Imagemagick TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. | 5.5 |
2020-12-08 | CVE-2020-25665 | Imagemagick Debian | Out-of-bounds Read vulnerability in multiple products The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. | 5.5 |
2020-12-08 | CVE-2020-25663 | Imagemagick | Unspecified vulnerability in Imagemagick A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. | 5.5 |
2020-12-08 | CVE-2020-9989 | Apple | Unspecified vulnerability in Apple products The issue was addressed with improved deletion. | 5.5 |
2020-12-08 | CVE-2020-9988 | Apple | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved deletion. | 5.5 |
2020-12-08 | CVE-2020-9977 | Apple | Improper Input Validation vulnerability in Apple mac OS X A validation issue existed in the entitlement verification. | 5.5 |
2020-12-08 | CVE-2020-9974 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 5.5 |
2020-12-08 | CVE-2020-9969 | Apple | Unspecified vulnerability in Apple products An access issue was addressed with additional sandbox restrictions. | 5.5 |
2020-12-08 | CVE-2020-9963 | Apple | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved handling of icon caches. | 5.5 |
2020-12-08 | CVE-2020-9944 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 5.5 |
2020-12-08 | CVE-2020-9943 | Apple | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 5.5 |
2020-12-08 | CVE-2020-27894 | Apple | Unspecified vulnerability in Apple Macos 11.0 The issue was addressed with additional user controls. | 5.5 |
2020-12-08 | CVE-2020-10009 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 5.5 |
2020-12-08 | CVE-2020-10007 | Apple | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 5.5 |
2020-12-08 | CVE-2020-10006 | Apple | Unspecified vulnerability in Apple mac OS X This issue was addressed with improved entitlements. | 5.5 |
2020-12-08 | CVE-2020-10002 | Apple | Unspecified vulnerability in Apple products A logic issue was addressed with improved state management. | 5.5 |
2020-12-08 | CVE-2020-25677 | Ceph Redhat | A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. | 5.5 |
2020-12-07 | CVE-2020-8566 | Kubernetes | Information Exposure Through Log Files vulnerability in Kubernetes In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. | 5.5 |
2020-12-07 | CVE-2020-8565 | Kubernetes | Information Exposure Through Log Files vulnerability in Kubernetes In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. | 5.5 |
2020-12-07 | CVE-2020-8564 | Kubernetes | Information Exposure Through Log Files vulnerability in Kubernetes In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. | 5.5 |
2020-12-07 | CVE-2020-8563 | Kubernetes | Information Exposure Through Log Files vulnerability in Kubernetes In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. | 5.5 |
2020-12-07 | CVE-2020-28935 | Nlnetlabs Debian | Link Following vulnerability in multiple products NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. | 5.5 |
2020-12-07 | CVE-2020-17521 | Apache Netapp Oracle | Apache Groovy provides extension methods to aid with creating temporary directories. | 5.5 |
2020-12-07 | CVE-2020-26513 | Intland | XXE vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0 An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. | 5.5 |
2020-12-12 | CVE-2020-35202 | Igniterealtime | Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0 Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS. | 5.4 |
2020-12-12 | CVE-2020-35201 | Igniterealtime | Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0 Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS. | 5.4 |
2020-12-12 | CVE-2020-35199 | Igniterealtime | Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0 Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS. | 5.4 |
2020-12-11 | CVE-2020-35132 | Phpldapadmin Project Fedoraproject | Cross-site Scripting vulnerability in multiple products An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php. | 5.4 |
2020-12-11 | CVE-2020-35127 | Igniterealtime | Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0 Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS. | 5.4 |
2020-12-10 | CVE-2020-26407 | Gitlab | Cross-site Scripting vulnerability in Gitlab A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project | 5.4 |
2020-12-09 | CVE-2020-29259 | Online Examination System Project | Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0 Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the subject or feedback parameter to feedback.php. | 5.4 |
2020-12-09 | CVE-2020-26834 | SAP | Improper Authentication vulnerability in SAP Hana Database 2.00 SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. | 5.4 |
2020-12-09 | CVE-2020-10146 | Microsoft | Cross-site Scripting vulnerability in Microsoft Teams The Microsoft Teams online service contains a stored cross-site scripting vulnerability in the displayName parameter that can be exploited on Teams clients to obtain sensitive information such as authentication tokens and to possibly execute arbitrary commands. | 5.4 |
2020-12-08 | CVE-2020-25955 | Student Management System Project IN PHP Project | Cross-site Scripting vulnerability in Student Management System Project in PHP Project Student Management System Project in PHP 1.0 SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting (XSS) via the 'add subject' tab. | 5.4 |
2020-12-08 | CVE-2020-29539 | Systransoft | Cross-site Scripting vulnerability in Systransoft Pure Neural Server A Cross-Site Scripting (XSS) issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site. | 5.4 |
2020-12-12 | CVE-2020-35176 | Awstats Debian Fedoraproject | Path Traversal vulnerability in multiple products In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. | 5.3 |
2020-12-11 | CVE-2020-35175 | Frappe | Unspecified vulnerability in Frappe Frappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API. | 5.3 |
2020-12-11 | CVE-2020-17470 | Butok | Use of Insufficiently Random Values vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 5.3 |
2020-12-11 | CVE-2020-5950 | F5 | Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. | 5.3 |
2020-12-11 | CVE-2020-35149 | Mquery Project | Unspecified vulnerability in Mquery Project Mquery lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation. | 5.3 |
2020-12-11 | CVE-2020-26421 | Wireshark Fedoraproject Debian Oracle | Out-of-bounds Read vulnerability in multiple products Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | 5.3 |
2020-12-11 | CVE-2020-26420 | Wireshark Fedoraproject Oracle | Memory Leak vulnerability in multiple products Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | 5.3 |
2020-12-11 | CVE-2020-26419 | Wireshark Fedoraproject Oracle | Memory Leak vulnerability in multiple products Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. | 5.3 |
2020-12-11 | CVE-2020-26418 | Wireshark Fedoraproject Debian Oracle | Memory Leak vulnerability in multiple products Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | 5.3 |
2020-12-11 | CVE-2020-26265 | Ethereum | Incorrect Calculation vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 5.3 |
2020-12-11 | CVE-2020-26417 | Gitlab | Information Exposure vulnerability in Gitlab Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. | 5.3 |
2020-12-11 | CVE-2020-26413 | Gitlab | Information Exposure vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. | 5.3 |
2020-12-11 | CVE-2020-26408 | Gitlab | Missing Authorization vulnerability in Gitlab A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in user's private profile | 5.3 |
2020-12-11 | CVE-2020-7549 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP. | 5.3 |
2020-12-11 | CVE-2020-7541 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP. | 5.3 |
2020-12-10 | CVE-2020-26266 | Use of Uninitialized Resource vulnerability in Google Tensorflow In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. | 5.3 | |
2020-12-10 | CVE-2020-29666 | Lanatmservice | Unspecified vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0 In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value. | 5.3 |
2020-12-08 | CVE-2020-14207 | Divebook Project | SQL Injection vulnerability in Divebook Project Divebook 1.1.4 The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filter_diver parameter. | 5.3 |
2020-12-08 | CVE-2020-14205 | Divebook Project | Missing Authorization vulnerability in Divebook Project Divebook 1.1.4 The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. | 5.3 |
2020-12-10 | CVE-2020-12595 | Broadcom | Unspecified vulnerability in Broadcom Symantec Messaging Gateway 10.5/10.7/9.5 An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. | 4.9 |
2020-12-11 | CVE-2020-35126 | Typesettercms | Cross-site Scripting vulnerability in Typesettercms Typesetter Typesetter CMS 5.x through 5.1 allows admins to conduct Site Title persistent XSS attacks via an Admin/Configuration URI. | 4.8 |
2020-12-08 | CVE-2020-26234 | Apereo | Origin Validation Error vulnerability in Apereo Opencast Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. | 4.8 |
2020-12-08 | CVE-2020-27902 | Apple | Missing Authentication for Critical Function vulnerability in Apple Iphone OS An authentication issue was addressed with improved state management. | 4.6 |
2020-12-09 | CVE-2020-26816 | SAP | Cleartext Storage of Sensitive Information vulnerability in SAP Netweaver Application Server Java SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. | 4.5 |
2020-12-11 | CVE-2020-26416 | Gitlab | Information Exposure Through Log Files vulnerability in Gitlab Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. | 4.4 |
2020-12-10 | CVE-2020-26268 | Unspecified vulnerability in Google Tensorflow In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. | 4.4 | |
2020-12-09 | CVE-2020-29660 | Linux Fedoraproject Debian Netapp Broadcom | Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 4.4 |
2020-12-11 | CVE-2020-15376 | Broadcom | Unspecified vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups. | 4.3 |
2020-12-11 | CVE-2020-26411 | Gitlab | Improper Resource Shutdown or Release vulnerability in Gitlab A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2). | 4.3 |
2020-12-11 | CVE-2020-26415 | Gitlab | Missing Authorization vulnerability in Gitlab Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. | 4.3 |
2020-12-11 | CVE-2020-26412 | Gitlab | Unspecified vulnerability in Gitlab Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2. | 4.3 |
2020-12-11 | CVE-2020-13357 | Gitlab | Authorization Bypass Through User-Controlled Key vulnerability in Gitlab An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 allowed an unauthorized user to access the user list corresponding to a feature flag in a project. | 4.3 |
2020-12-09 | CVE-2020-26963 | Mozilla | Unspecified vulnerability in Mozilla Firefox Repeated calls to the history and location interfaces could have been used to hang the browser. | 4.3 |
2020-12-09 | CVE-2020-26954 | Mozilla | Unspecified vulnerability in Mozilla Firefox 80.0 When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. | 4.3 |
2020-12-09 | CVE-2020-26953 | Mozilla | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. | 4.3 |
2020-12-08 | CVE-2020-9993 | Apple | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products The issue was addressed with improved UI handling. | 4.3 |
2020-12-08 | CVE-2020-9987 | Apple | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
2020-12-08 | CVE-2020-9945 | Apple | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple mac OS X A spoofing issue existed in the handling of URLs. | 4.3 |
2020-12-08 | CVE-2020-9942 | Apple | Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari An inconsistent user interface issue was addressed with improved state management. | 4.3 |
18 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-09 | CVE-2020-16128 | Canonical | Information Exposure Through an Error Message vulnerability in Canonical Ubuntu Linux The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. | 3.8 |
2020-12-10 | CVE-2020-29668 | Sympa Fedoraproject Debian | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun. | 3.7 |
2020-12-11 | CVE-2020-28838 | Opencart | Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6 Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. | 3.5 |
2020-12-10 | CVE-2020-8920 | Unspecified vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts. | 3.5 | |
2020-12-10 | CVE-2020-8919 | Incorrect Authorization vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access. | 3.5 | |
2020-12-10 | CVE-2020-8908 | Google Quarkus Oracle Netapp | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). | 3.3 |
2020-12-10 | CVE-2020-26270 | Improper Input Validation vulnerability in Google Tensorflow In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. | 3.3 | |
2020-12-10 | CVE-2020-26271 | Use of Uninitialized Resource vulnerability in Google Tensorflow In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. | 3.3 | |
2020-12-08 | CVE-2020-27758 | Imagemagick Debian | A flaw was found in ImageMagick in coders/txt.c. | 3.3 |
2020-12-08 | CVE-2020-27757 | Imagemagick Debian | A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. | 3.3 |
2020-12-08 | CVE-2020-27755 | Imagemagick | Unspecified vulnerability in Imagemagick in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. | 3.3 |
2020-12-08 | CVE-2020-27754 | Imagemagick Debian | In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. | 3.3 |
2020-12-08 | CVE-2020-27751 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/quantum-export.c. | 3.3 |
2020-12-08 | CVE-2020-25675 | Imagemagick Debian | In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. | 3.3 |
2020-12-08 | CVE-2020-27895 | Apple | Unspecified vulnerability in Apple Itunes An information disclosure issue existed in the transition of program state. | 3.3 |
2020-12-08 | CVE-2020-25666 | Imagemagick Debian | There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. | 3.3 |
2020-12-08 | CVE-2020-27818 | Libpng Fedoraproject Debian | Out-of-bounds Read vulnerability in multiple products A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. | 3.3 |
2020-12-10 | CVE-2020-27351 | Debian | Missing Release of Resource after Effective Lifetime vulnerability in Debian Advanced Package Tool Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. | 2.8 |